Aloha. I've configured our IdM server as an OpenLDAP identity provider for our VMware
vCenter 6.7 server. I'm able to login to our vCenter as the IdM user with username
and password, but I'm unable to authenticate using smart card authentication. My IdM
domain is "xxxx.xxxx.mil", but my smart card is issued by the DoD, and the
Subject Alternative Name (SAN) on my identity certificate shows ex."Principal
Name=1234567897000@mil". When we used Active Directory authentication with vCenter,
the user account properties for UPN needed to match the SAN value (ex.1234567897000@mil)
from the users identiy certificate. That said, if our domain name is
""xxxx.xxxx.mil", is it possible to have an IdM user account with username
"first.last.usr" and a SSL certificate mapping that uses all or a portion of the
SAN value (ex. "Principal Name=123456789700@mil") for smart card authentication?
Show replies by date